User Metadata

By default users who authenticate via SAML will have some additional metadata
fields.

saml_nameid will be set to the value of the NameID element in the SAML
authentication response

saml_nameid_format will be set to the full URI of the NameID’s format
attribute

Every SAML Attribute that is provided in the authentication response
(regardless of whether it is mapped to an Elasticsearch user property), will be added
as the metadata field saml(name) where "name" is the full URI name of the
attribute. For example saml(urn:oid:0.9.2342.19200300.100.1.3).

For every SAML Attribute that has a friendlyName, will also be added as the
metadata field saml_friendlyName where "name" is the full URI name of the
attribute. For example saml_mail.

This behaviour can be disabled by adding populate_user_metadata: false to as
a setting in the saml realm.